A journal about my personal thoughts regarding evolving a comprehensive social media strategy at a large company.

October 03, 2007

Sharing Responsibility with IT

So, is rolling out a social media platform (behind the firewall or otherwise) an IT thing, or a business thing?

The right answer is "both", which means that neither function can dictate terms to the other.

And today, I'd like to share some thoughts about organizational models, and specifically, working with IT groups.

A Bit Of Context

My day job involves selling EMC's value proposition to IT organizations of all shapes and sizes. And after doing this for maybe 20 years, I've come to learn more than a little about how IT organizations think and behave, and -- more importantly -- their roles in organizations.

At EMC, our default model is "IT as a business support function". The business comes to IT with a challenge, opportunity, etc. IT studies it, makes recommendations, asks for funding, assigns project managers, and (eventually) delivers the goods.

This is not an uncommon model. And for certain classes of problems, it works pretty well.

Being A Business Unit

Early on, I wanted social media to be a mainstream thing at EMC, which means -- by default -- I had to work with our IT function. No pirate projects here, please -- although I know that's an attractive option to many of you.

I don't think our IT organization is unique in being widely perceived as the "Land of No". Unprepared travellers who venture into its lair without adequate preparation will be beset by a bewildering thicket of process, buzzwords and vague accountability.

Early on, I knew this, so I went around and built support for my plans and ideas, and presented myself to IT as a virtual business unit. Having an exec mandate helps, as does having some budget (or someone else's budget). Having done your homework and having authoritative, well-reasoned thoughts also doesn't hurt.

Simplifying The Discussion

We wanted a shared ownership model. IT could run the software and the supporting hardware, we (the business unit) wanted to control the user experience. While this was agreed in principle, the execution has been problematic -- more on this later.

We knew security was going to be a problem. As a result, we thought it wise to position this as a "behind the firewall" platform -- no outside access whatsoever. It didn't eliminate the concerns, but it limited them.

We knew that sizing, scalability and administrative effort would be a challenge, and there was little prior history to go on. So we positioned our project as a limited pilot -- no more than 1000 users, not mission-critical, we'll make mistakes, we'll keep expectations low, etc. That helped.

We didn't want to spend six months evaluating vendors and packages. We did the evaluation ourself, and recommended Clearspace from Jive software. That also means that we were going to live with our decision. That particular topic was not up for general discussion, although there were those that wanted to weigh in and prolong the experience. That decision really helped.

We didn't define the database vendor -- that's up to IT, as is the operating system and the decision to run the whole thingie in a VMware virtual machine. BTW, due to my background, I have to admit I was peeking over their shoulder at some of their decisions, but didn't feel the need to weigh in.

But There Was A Bigger Cultural Problem

At the heart of it, everyone wants to be relevant. No one strives to be irrelevant. It's a basic human behavior that also applies to IT people.

At an IT management level, I believe they see themselves as very relevant as they provide IT services that power EMC's business model. The behavior gets a bit more challenging as one dives into the IT specialties.

If you break an IT project into specialized disciplines, you'll find servers, databases, networks, security, business application logic, project management, and so on. And, to a certain degree, everyone wants to be relevant.

As an example, our security guys came up with some pretty imaginative scenarios of potential security problems. There was a call to put on profanity filtering and be able to "ban" users. Now, remember, these are the same people we work with day-to-day -- all of our users are EMC employees.

IT hired a contractor who said that she had some Clearspace experience. While the offer of help was nice, she immediately started playing with permissions and brought everything to a grinding halt. We lost a day of productivity, and another day or so arguing that monkeying with the user experience wasn't part of her job description. It was emotional, but shouldn't have been, since we'd been pretty clear up front.

Again, the model was that we, the business, control the user experience. You, IT, make sure the software is up and running. That's a pretty clear line, but you'd be amazed how often the IT people try to cross it.

Now, should our IT organization want to have a business-focused person who's driving the user experience and goaled on the success of the project delivering business benefits (rather than meeting IT goodness criteria), that'd be OK with me. But, failing that, we want a shared model, and we're willing to work a bit to get it.